+/* import_sec_context.c */
+OM_uint32
+gssEapImportContext(OM_uint32 *minor,
+ gss_buffer_t token,
+ gss_ctx_id_t ctx);
+
+/* inquire_sec_context_by_oid.c */
+#define NEGOEX_INITIATOR_SALT "gss-eap-negoex-initiator"
+#define NEGOEX_INITIATOR_SALT_LEN (sizeof(NEGOEX_INITIATOR_SALT) - 1)
+
+#define NEGOEX_ACCEPTOR_SALT "gss-eap-negoex-acceptor"
+#define NEGOEX_ACCEPTOR_SALT_LEN (sizeof(NEGOEX_ACCEPTOR_SALT) - 1)
+
+/* pseudo_random.c */
+OM_uint32
+gssEapPseudoRandom(OM_uint32 *minor,
+ gss_const_ctx_id_t ctx,
+ int prf_key,
+ const gss_buffer_t prf_in,
+ gss_buffer_t prf_out);
+
+/* query_mechanism_info.c */
+OM_uint32
+gssQueryMechanismInfo(OM_uint32 *minor,
+ gss_const_OID mech_oid,
+ unsigned char auth_scheme[16]);
+
+/* query_meta_data.c */
+OM_uint32
+gssEapQueryMetaData(OM_uint32 *minor,
+ gss_const_OID mech GSSEAP_UNUSED,
+ gss_cred_id_t cred,
+ gss_ctx_id_t *context_handle,
+ const gss_name_t name,
+ OM_uint32 req_flags GSSEAP_UNUSED,
+ gss_buffer_t meta_data);
+
+/* eap_mech.c */
+OM_uint32
+gssEapInitiatorInit(OM_uint32 *minor);
+
+void
+gssEapFinalize(void);
+
+/* Debugging and tracing */
+
+static inline void
+gssEapTraceStatus(const char *function,
+ OM_uint32 major,
+ OM_uint32 minor)
+{
+ gss_buffer_desc gssErrorCodeBuf = GSS_C_EMPTY_BUFFER;
+ gss_buffer_desc gssMechBuf = GSS_C_EMPTY_BUFFER;
+ OM_uint32 tmpMajor, tmpMinor;
+ OM_uint32 messageCtx = 0;
+
+ tmpMajor = gss_display_status(&tmpMinor, major,
+ GSS_C_GSS_CODE, GSS_C_NO_OID,
+ &messageCtx, &gssErrorCodeBuf);
+ if (!GSS_ERROR(tmpMajor)) {
+ if (minor == 0)
+ tmpMajor = makeStringBuffer(&tmpMinor, "no minor", &gssMechBuf);
+ else
+ tmpMajor = gssEapDisplayStatus(&tmpMinor, minor, &gssMechBuf);
+ }
+
+ if (!GSS_ERROR(tmpMajor))
+ wpa_printf(MSG_INFO, "%s: %.*s/%.*s",
+ function,
+ (int)gssErrorCodeBuf.length, (char *)gssErrorCodeBuf.value,
+ (int)gssMechBuf.length, (char *)gssMechBuf.value);
+ else
+ wpa_printf(MSG_INFO, "%s: %u/%u",
+ function, major, minor);
+
+ gss_release_buffer(&tmpMinor, &gssErrorCodeBuf);
+ gss_release_buffer(&tmpMinor, &gssMechBuf);
+}
+
+/* If built as a library on Linux, don't respect environment when set*uid */
+#ifdef HAVE_SECURE_GETENV
+#define getenv secure_getenv
+#endif